14315 matches found
acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-36017 via tensorflow (>=2.8.0 <=2.8.0rc1)
tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-36017 Source advisory: OSV:GHSA-WQMC-PM8C-2JHC...
GHSA-WQMC-PM8C-2JHC TensorFlow vulnerable to segfault in `Requantize`
Impact If Requantize is given inputmin, inputmax, requestedoutputmin, requestedoutputmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.quint8 input = tf.constant1, shape=3, dtype=tf.qint32...
TensorFlow vulnerable to segfault in `Requantize`
Impact If Requantize is given inputmin, inputmax, requestedoutputmin, requestedoutputmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.quint8 input = tf.constant1, shape=3, dtype=tf.qint32...
CVE-2022-35986
TensorFlow vulnerability CVE-2022-35986 affects RaggedBincount: if an empty input tensor for splits is provided, a segfault can trigger a denial of service. The issue is fixed via GitHub commit 7a4591fd4f065f4fa903593bc39b2f79530a74b8, with the fix slated for TensorFlow 2.10.0 and cherry-picked b...
CVE-2022-35986 Segfault in `RaggedBincount` in TensorFlow
TensorFlow is an open source platform for machine learning. If RaggedBincount is given an empty input tensor splits, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7a4591fd4f065f4fa903593bc39b2f79530a74b8. The fix will b...
CVE-2022-35986 Segfault in `RaggedBincount` in TensorFlow
TensorFlow is an open source platform for machine learning. If RaggedBincount is given an empty input tensor splits, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7a4591fd4f065f4fa903593bc39b2f79530a74b8. The fix will b...
CVE-2022-35986
TensorFlow is an open source platform for machine learning. If RaggedBincount is given an empty input tensor splits, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7a4591fd4f065f4fa903593bc39b2f79530a74b8. The fix will b...
CVE-2022-35986 Segfault in `RaggedBincount` in TensorFlow
TensorFlow is an open source platform for machine learning. If RaggedBincount is given an empty input tensor splits, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7a4591fd4f065f4fa903593bc39b2f79530a74b8. The fix will b...
CVE-2022-35987
TensorFlow vulnerability CVE-2022-35987 affects DenseBincount: if weights shape does not match input (or is not length-0), a CHECK failure can be triggered, potentially allowing a denial-of-service. The issue is mitigated by applying the patch from commit bf4c14353c2328636a18bfad1e151052c81d5f43,...
CVE-2022-35987 `CHECK` fail in `DenseBincount` in TensorFlow
TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...
CVE-2022-35987 `CHECK` fail in `DenseBincount` in TensorFlow
TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...
CVE-2022-35987
TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...
CVE-2022-35987 `CHECK` fail in `DenseBincount` in TensorFlow
TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...
CVE-2022-35985 `CHECK` fail in `LRNGrad` in TensorFlow
TensorFlow is an open source platform for machine learning. If LRNGrad is given an outputimage input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255. The...
CVE-2022-35985 `CHECK` fail in `LRNGrad` in TensorFlow
TensorFlow is an open source platform for machine learning. If LRNGrad is given an outputimage input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255. The...
CVE-2022-35985
CVE-2022-35985: In TensorFlow, LRNGrad raises a denial-of-service risk when output_image is not 4-D, triggering a CHECK failure. The issue was patched in commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255 and the fix is planned for TensorFlow 2.10.0, with cherry-picks on TF 2.9.1, 2.8.1, and 2.7.2 (...
CVE-2022-35985 `CHECK` fail in `LRNGrad` in TensorFlow
TensorFlow is an open source platform for machine learning. If LRNGrad is given an outputimage input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255. The...
CVE-2022-35985
TensorFlow is an open source platform for machine learning. If LRNGrad is given an outputimage input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255. The...
CVE-2022-35984
TensorFlow CVE-2022-35984 affects ParameterizedTruncatedNormal where shape is assumed to be int32; providing an int64 shape triggers a mismatched type CHECK failure that can cause a denial of service. The issue has been patched in commit 72180be03447a10810edca700cbc9af690dfeb51 and the fix is sla...
CVE-2022-35984 `CHECK` fail in `ParameterizedTruncatedNormal` in TensorFlow
TensorFlow is an open source platform for machine learning. ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...